diff --git a/plugin/kubernetes/kubernetes.go b/plugin/kubernetes/kubernetes.go index 60111b7b9..92d0d5018 100644 --- a/plugin/kubernetes/kubernetes.go +++ b/plugin/kubernetes/kubernetes.go @@ -274,6 +274,10 @@ func (k *Kubernetes) Records(state request.Request, exact bool) ([]msg.Service, return nil, e } + if dnsutil.IsReverse(state.Name()) { + return nil, errNoItems + } + if !wildcard(r.namespace) && !k.namespaceExposed(r.namespace) { return nil, errNsNotExposed } diff --git a/plugin/kubernetes/reverse.go b/plugin/kubernetes/reverse.go index e9f6210d8..fd783a22d 100644 --- a/plugin/kubernetes/reverse.go +++ b/plugin/kubernetes/reverse.go @@ -14,7 +14,8 @@ func (k *Kubernetes) Reverse(state request.Request, exact bool, opt plugin.Optio ip := dnsutil.ExtractAddressFromReverse(state.Name()) if ip == "" { - return nil, nil + _, e := k.Records(state, exact) + return nil, e } records := k.serviceRecordForIP(ip, state.Name()) diff --git a/plugin/kubernetes/reverse_test.go b/plugin/kubernetes/reverse_test.go index 94edef01b..ff4011ed0 100644 --- a/plugin/kubernetes/reverse_test.go +++ b/plugin/kubernetes/reverse_test.go @@ -18,12 +18,35 @@ func (APIConnReverseTest) HasSynced() bool { return true } func (APIConnReverseTest) Run() { return } func (APIConnReverseTest) Stop() error { return nil } func (APIConnReverseTest) PodIndex(string) []*api.Pod { return nil } -func (APIConnReverseTest) SvcIndex(string) []*api.Service { return nil } func (APIConnReverseTest) EpIndex(string) []*api.Endpoints { return nil } func (APIConnReverseTest) EndpointsList() []*api.Endpoints { return nil } func (APIConnReverseTest) ServiceList() []*api.Service { return nil } func (APIConnReverseTest) Modified() int64 { return 0 } +func (APIConnReverseTest) SvcIndex(svc string) []*api.Service { + if svc != "svc1.testns" { + return nil + } + svcs := []*api.Service{ + { + ObjectMeta: meta.ObjectMeta{ + Name: "svc1", + Namespace: "testns", + }, + Spec: api.ServiceSpec{ + ClusterIP: "192.168.1.100", + Ports: []api.ServicePort{{ + Name: "http", + Protocol: "tcp", + Port: 80, + }}, + }, + }, + } + return svcs + +} + func (APIConnReverseTest) SvcIndexReverse(ip string) []*api.Service { if ip != "192.168.1.100" { return nil @@ -162,11 +185,32 @@ func TestReverse(t *testing.T) { }, { Qname: "example.org.cluster.local.", Qtype: dns.TypePTR, + Rcode: dns.RcodeNameError, + Ns: []dns.RR{ + test.SOA("cluster.local. 300 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1502989566 7200 1800 86400 60"), + }, + }, + { + Qname: "svc1.testns.svc.cluster.local.", Qtype: dns.TypePTR, Rcode: dns.RcodeSuccess, Ns: []dns.RR{ test.SOA("cluster.local. 300 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1502989566 7200 1800 86400 60"), }, }, + { + Qname: "svc1.testns.svc.0.10.in-addr.arpa.", Qtype: dns.TypeA, + Rcode: dns.RcodeNameError, + Ns: []dns.RR{ + test.SOA("0.10.in-addr.arpa. 300 IN SOA ns.dns.0.10.in-addr.arpa. hostmaster.0.10.in-addr.arpa. 1502989566 7200 1800 86400 60"), + }, + }, + { + Qname: "100.0.0.10.cluster.local.", Qtype: dns.TypePTR, + Rcode: dns.RcodeNameError, + Ns: []dns.RR{ + test.SOA("cluster.local. 300 IN SOA ns.dns.cluster.local. hostmaster.cluster.local. 1502989566 7200 1800 86400 60"), + }, + }, } ctx := context.TODO() diff --git a/plugin/pkg/dnsutil/reverse.go b/plugin/pkg/dnsutil/reverse.go index f92cf18b5..a39cf2ed8 100644 --- a/plugin/pkg/dnsutil/reverse.go +++ b/plugin/pkg/dnsutil/reverse.go @@ -29,6 +29,11 @@ func ExtractAddressFromReverse(reverseName string) string { return f(strings.Split(search, ".")) } +// IsReverse returns true if name is in a reverse zone +func IsReverse(name string) bool { + return strings.HasSuffix(name, v4arpaSuffix) || strings.HasSuffix(name, v6arpaSuffix) +} + func reverse(slice []string) string { for i := 0; i < len(slice)/2; i++ { j := len(slice) - i - 1